Rewterz Threat Advisory – SolarWinds Orion Job Scheduler code execution
May 24, 2021Rewterz Threat Alert – Lokibot Active- IOCs
May 24, 2021Rewterz Threat Advisory – SolarWinds Orion Job Scheduler code execution
May 24, 2021Rewterz Threat Alert – Lokibot Active- IOCs
May 24, 2021Severity
Medium
Analysis Summary
CVE-2021-1494 , CVE-2021-1495
Multiple Cisco products are affected by vulnerabilities in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured file policy for HTTP. An attacker could exploit these vulnerabilities by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured file policy for HTTP packets and deliver a malicious payload.
Impact
Unauthorized Access
Affected Vendors
Cisco
Affected Products
- Cisco 3000 Series Industrial Security Appliances (ISAs)
- CIsco 4000 Series Integrated Services Routers
- Catalyst 8200 Series Edge Platforms
- Cisco 8000V Edge Software
- Cisco 8300 Series Edge Platforms
- Cisco 8500L Series Edge Platforms
- Cloud Services Router 1000V Series
- Cisco Firepower Threat Defense (FTD) Software
- Integrated Services Virtual Router
- Open Source Snort 2
- 1000 Series Integrated Services Routers
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-fp-bp-KfDdcQhc